Firewall enabling confusion.

Shaun T. Erickson ste at
Fri Feb 27 12:43:18 PST 2004

Warren Block wrote:

> On Fri, 27 Feb 2004, Shaun T. Erickson wrote:
>>Thanks! Yes, the ipfw.ko module is getting loaded. So now I just need to
>>know how to enable things like divert and logging.
> /etc/rc.firewall has examples.

I looked at that. That's not what I mean. :) I mean, if I do not have to 
build a new kernel to enable firewalling, logging and divert, then how 
do I enable them, such that the following line from my messages file 
would show that they have been enabled?

Adding firewall_enable="YES" to rc.conf caused the ipfw module to be 
loaded, enabling firewalling. Adding firewall_logging="YES" did *not* 
enable logging in the message file line shown below. How do I do that? 
How would I get that line to show divert as being enabled? I may be 
wrong (correct me if I am, please), but doesn't that line have to show 
them as enabled, before I can successfully make use of them in ipfw 
commands like those you pointed me to in rc.firewall? What if I want 
that line to report that the default is open, instead of deny?

Feb 27 14:37:22 peter kernel: ipfw2 initialized, divert disabled, 
rule-based forwarding enabled, default to deny, logging disabled


More information about the freebsd-questions mailing list